Try our new research platform with insights from 80,000+ expert users

Cisco Identity Services Engine (ISE) vs One Identity Safeguard comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Cisco Identity Services Eng...
Average Rating
8.2
Number of Reviews
139
Ranking in other categories
Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)
One Identity Safeguard
Average Rating
8.0
Number of Reviews
40
Ranking in other categories
User Entity Behavior Analytics (UEBA) (6th), Privileged Access Management (PAM) (3rd)
 

Mindshare comparison

Cisco Identity Services Engine (ISE) and One Identity Safeguard aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 29.2%, down 31.6% compared to last year.
One Identity Safeguard, on the other hand, focuses on Privileged Access Management (PAM), holds 4.5% mindshare, down 5.7% since last year.
Network Access Control (NAC)
Privileged Access Management (PAM)
 

Featured Reviews

Rohit-Joshi - PeerSpot reviewer
Aug 3, 2023
Enables us to ensure that any machine that comes into the network is patched and secure
Posturing is the most valuable feature. There are other tools available that can do some of their other features, like network authentication. The posturing was something because of the nature of the industry that we are in. There are people who go outside for work. Their machines are at times not in the network, and not patched properly. We don't know when they're going to come back, whether it is in a good state, whether it has antivirus, whether it's installed on those machines. Posturing is something that we have made our baseline policy that whenever a machine comes back to our network, it should have a certain level of the operating system and a level of security and antivirus installed. We couldn't have done this posturing without Cisco ISE. This is its greatest feature. It does help me to detect and remediate my network. It enables me to detect any external threat that comes to my network and remediate. If a machine comes into my network that does not qualify per my baseline policy, I have a policy that the machine gets redirected to where it can be patched and remediated. I can ensure that it is fully patched and secure. The entire idea of having ISE is to enhance cybersecurity resilience. The zero trust architecture was coined by the cybersecurity team itself. It was a task given to us in the infrastructure space to see how we can bring resilience into the cybersecurity network and ISE was the solution.
Tor Nordhagen - PeerSpot reviewer
Nov 22, 2023
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It does a good job of establishing trust for each access request, no matter the source. It's also very effective at helping with the distributed network and at securing access."
"The solution is great for establishing trust for every access request no matter where it comes from."
"The first benefit is that we can implement zero trust architecture because of Cisco ISE. I can assure my CISO in my company that my network is such that nobody can just bring in their laptop, desktop, or any sort of mobile device and can directly get connected to my network. That is a benefit that I can only allow people who I trust on the network."
"For customers, it's great. It has a GUI, so the customers themselves can edit ACLs or even modify the policies. It's also an all-in-one solution with RADIUS and TACACS."
"The product is useful for device administration."
"I like the automation of the collection of information."
"It has allowed us to pull in multiple authentication databases, then centralize them into a captive portal system."
"The most valuable feature is the provisioning of the device so as to ensure that they are compliant with the security policy that we need to have."
"I like that One Identity Safeguard lets you configure the maximum number of connections to the target, a configuration I didn't find in its competitor."
"It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."
"The monitoring system is very good."
"The technical support is tremendous."
"One of the most important things is that it is very easy to use and install. It is also agentless, so all of the operations happen more smoothly than any other product."
"The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable."
"I have found the most useful feature of One Identity Safeguard to be Privileged Sessions."
"All sessions are audited and they are indexed/searchable through the GUI."
 

Cons

"The Guest Network verification needs to add a QR code option."
"Cisco ISE does not recognize devices and that is an issue we faced during its integration with our existing devices."
"In the next release, I would want to see this kind of solution in the cloud as opposed to on prem because when enhancements are made to the software, if it's in the cloud, it's overnight. I mean you're not going to have to respin the servers that the license sits on, it's all microservices kinds of things in the cloud. That would be my recommendation. If I'm a customer, that's what I'm looking at - for cloud based software subscriptions."
"The web interface needs improvement. The new web interface that they have is not as easy to manage and we find it to be very slow."
"The UI and UX could be more seamless and easier to use."
"With the recent release of the solution, we had a bunch of bugs and we had to delay our deployment. Other than that, the solution is good."
"The interface is a little bit complex."
"The interface is not very user-friendly and it is not simple to use."
"We have feature requests and would like to see the turnaround times on those features to be faster."
"Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."
"On a scale of one to ten, the stability is an eight."
"The deployment affects our privileged users because it takes a long time for them to request privileges, which impacts the SLA."
"Even though we have two nodes, there's no way to do an upgrade without taking everything completely offline. It would be nice if they could improve that."
"I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal."
"We sometimes face issues with configuration and things like that, but we manage to solve them."
"Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target."
 

Pricing and Cost Advice

"I think licensing costs roughly $2,000 a year. ISE is more expensive than Network Access Control."
"According to my sales and account team, the prices we're getting are pretty good."
"It has a fair price. It is better than it was before."
"The price is a bit on the high side."
"Pricing is not a problem for Cisco because it has a lot of features and not much competition, although it's more expensive than other products. But if I do a cost-benefit analysis, Cisco provides high quality."
"The Essentials licensing is reasonable, but I would like the Premier version to be perpetual instead of a subscription."
"Previously, Cisco ISE had a perpetual licensing model, but now they have shifted to a subscription-based licensing system."
"It is fair."
"The pricing depends on our perspective, our budget, and, of course, the competitors we are taking into account."
"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
"Setup cost, pricing and licensing are all very expensive."
"Its subscription cost is too much, and sometimes, it is very difficult to pitch the solution to the management for cost approval. If the cost is reduced a little bit, it would be easier. If its cost was less, many other organizations that currently cannot afford it would be able to use this technology. I'm sure many organizations around the globe are having issues with identity management, and it is a very difficult task for IT to manage privileged accounts."
"One Identity Safeguard is expensive and the cost goes up as we scale."
"The license is very expensive for us, partly due to inflation and partly because of the exchange rate between the Dollar and the Iranian Rial. We purchased a perpetual license that we've been using up until now, but I believe that we are not going to update it in the future. Instead, we plan to find another third-party to support us with the license, in the sense that we would have access to their license as a shared agreement."
"It was definitely cheaper than the other two products that we evaluated."
"They offer a fair price for a robust solution."
report
Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
16%
Financial Services Firm
7%
Government
7%
Computer Software Company
23%
Financial Services Firm
12%
Manufacturing Company
7%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?
Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...
What are the main differences between Cisco ISE and Forescout Platform?
OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...
How does Cisco ISE compare with Fortinet FortiNAC?
Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
What is your experience regarding pricing and costs for One Identity Safeguard?
One Identity Safeguard is expensive. The license is around $3,000 per month.
What needs improvement with One Identity Safeguard?
One Identity's support is not appropriately structured, and it has a lot of room to improve.
 

Also Known As

Cisco ISE
No data available
 

Overview

 

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University
Cavium
Find out what your peers are saying about Cisco, HPE Aruba Networking, Fortinet and others in Network Access Control (NAC). Updated: October 2024.
814,649 professionals have used our research since 2012.